1. Field of the Invention
This disclosure relates generally to the field of data storage and archiving and, in some embodiments, more specifically to establishing a reliable record of the chain of events and tracking of location and transfer (physical and/or virtual) of data objects for auditing custody of the same during the activities used to create, store, test, and/or retrieve archived data.
2. Description of the Related Art
Determining whether electronic data is “good” (original) or “bad” (manipulated) is demanding. Without mechanisms in place, the electronic data itself and the times associated with any changes to the data can be modified and manipulated, often without detection, creating challenges to establishing the reliability of the electronic data.
Currently there are two classes of electronic data certifications: certified Time Stamp Authorities, and non-repudiation services.
A Time Stamp Authority (TSA) issues a timestamp to prove the existence of certain data before a certain point in time without the possibility that the owner can backdate the timestamps. TSAs are used to timestamp on-line bills and orders (to prove when a transaction has occurred and that their contents have not been altered since then), creative works (the person with the earliest timestamp provides strong evidence in claiming ownership of a text, graphic, audio, and video work), or digital signatures (an accurate time from a trustworthy third party shows when a digital document was signed assigning the property of non-repudiation to the document). Non-repudiation services minimally build on the concept of a TSA to provide document time stamping. Their focus is generally on the legal concerns around electronic document non-repudiation. Exemplary TSA providers include ProofSpace, Inc. of Grand Rapids, Mich., and Formatta, Inc. of Fairfax, Va.
Due to increasing governance regulations, such as Sarbanes-Oxley, and the amplified value of Intellectual Property, such as patents or copyrighted material, it is desirable that a homogeneous, comprehensive set of records be used to ensure the integrity and reliability of archived data. More specifically, it can be desirable to have an indelible record of each time the archived data is touched (e.g. created, stored, retrieved, accessed, tested, moved, or transformed) to generate verifiable links between events in order to ensure the custody of the data can be audited and verified that it has remained intact throughout its lifetime, and to be able to detect any modification to the archived data, so that a proper copy can be retrieved to bring the archive copy back to its original state.
TSAs and non-repudiation services only provide a fragment of the functionality required to meet these types of needs for archived data.